A first enterprise interacting with a second enterprise may need to request access to the second enterprise's data. In such a situation, the second enterprise would typically require that the first enterprise be authenticated and authorized by a security mechanism within the second enterprise. The second enterprise might have servers, software, and data stores dedicated solely to the authentication and authorization of such outside users. Other servers, software, and data stores within the second enterprise may be dedicated to the authentication and authorization of internal users.